From: Felipe Alfaro Solana <felipe.alfaro@gmail.com>
To: Wiktor <victorjan@poczta.onet.pl>
Cc: Andreas Hartmann <andihartmann@freenet.de>, linux-kernel@vger.kernel.org
Subject: Re: crypting filesystems
Date: Tue, 5 Apr 2005 14:43:30 +0100 [thread overview]
Message-ID: <6f6293f10504050643e50a1f9@mail.gmail.com> (raw)
In-Reply-To: <4251A8C4.60007@poczta.onet.pl>
On Apr 4, 2005 9:51 PM, Wiktor <victorjan@poczta.onet.pl> wrote:
> Hi,
>
> I'm using the following method and it seems to be working fine
> (involving crypto-loop):
>
> i have normal ext3 /boot partition, where i store kernel image & initrd.
> after lilo boots the kernel, initrd sets up /dev/loop0 to be
> crypto-loop/blowfish for /dev/hda1 (losetup /dev/loop0 /dev/hda1 -e
> blowfish). losetup asks for passphrase, and (if entered correctly),
> /dev/loop0 is mounted as root filesystem (it can be done also by simple
> mount call: mount /dev/hda1 /some-place -o rw,encryption=blowfish). for
> encrypting more filesystems with one passphrase, you can read it in
> shell script in non-echo-mode (if such exists, i'm not sure), and pass
> it to mount or losetup. crypto-loop makes possible to switch encryption
> type without modifying whole initrd.
>
> Regarding your questions:
>
> > 1. In order to put in the passphrase just once a time at booting, I
> put the passphrase in a gpg-crypted file (cipher AES256 and 256Bit key
> size), which is decrypted at boot-time to /tmp (-> tmpfs) and
> immediately removed with shred, after activating the three partitions.
> Is it possible to see the cleartext password after this action in tmpfs?
>
> Disk encryption usually protects from hardware-attacks (when hacker has
> physical access to the hardware). if you keep passphrase
> reversible-encrypted, attacker can read it and run brute-force attack
> using some huge-computing-capacity. is this what you want?
>
> > 2. Is it possible to gain the passphrase from the active encrypted
> partitions (because the passphrase is somewhere held in the RAM)?
>
> Only when attacker has root privileges. But i'm not sure if it is
> possible to extract passphrase knowing both encrypted and not encrypted
> data. What i mean is that usually each filesystem begins with
> filesystem-specyfic-header, which is constant or similar to each other.
> so, if attacker has encrypted form of this header and can estimate
> unencryptes form, it can possibly gain the passphrase. (but therse are
> only my ideas, i don't know how the encryptino-algorithm works).
What´s kept in RAM is the AES key used to decrypt disk blocks.
However, the passphrase from which the AES key is derived (usually by
using a hash function) is not kept in memory.
prev parent reply other threads:[~2005-04-05 13:44 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-04 10:45 crypting filesystems Andreas Hartmann
2005-04-04 20:51 ` Wiktor
2005-04-05 13:43 ` Felipe Alfaro Solana [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f6293f10504050643e50a1f9@mail.gmail.com \
--to=felipe.alfaro@gmail.com \
--cc=andihartmann@freenet.de \
--cc=linux-kernel@vger.kernel.org \
--cc=victorjan@poczta.onet.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox